Charité is one of the largest university hospitals in Europe, extending over four campuses with more than 100 different departments and institutes, making a total of 17 different Charité Centers. Trusted to provide medical care for the last three centuries, Charité is now one of the largest employers in Berlin, employing more than 20,000 staff and with a total annual revenue of €2.3 billion (including external funding and investment grants).
The Network team in the IT division of Charité - Universitätsmedizin Berlin has 10 technicians and 8 administrators, and manages the physical network (LAN & WLAN), the most critical network services (e.g., DNS & DHCP), network access protection, and IP management. The team's network infrastructure, includes:
- 4 campuses and some external properties and rental objects with 945,000m²
- More than 20,000 employees
- More than 450 network nodes and 4 data centers
- More than 35,000 active devices in the LAN network and approximately 12,000 WLAN clients daily
Charité sought to shift its LAN-based medical device network to a 5GHz wireless local-area network (WLAN), and required 802.1x EAP-TLS or EAP-TTLS authentication.
Charité's IT team began by qualifying the SX-BR-4600WAN Ethernet-to-Wireless Bridge with WPA enterprise security. Silex provided and supported the technology through the initial evolution of security and network requirements, and still maintains the solution today.
Solution Evolution Over Time
Charité's team adopted four generations of the Silex’s bridges to update the Wi-Fi security and performance. Silex supports Charite’s IT team with both updated hardware and updated product firmware when security requirements change.
When Charité's IT team searched for a solution, they began with a WLAN bridge from their existing network partner, but it was not capable of EAP-TLS.
When Charité found Silex and the company's BR-4600WAN, the IT team was able to easily set up and test one unit to ensure it would allow medical devices connect with the WLAN system that required Charité’s certificate for authentication. The result was successful, and Charite’s IT team adopted Silex’s bridge as a scalable solution.
Silex’s support throughout the product life cycle was imperative when BSI (Bundesamt für Sicherheit in der Informationstechnik) added a requirement for TLSv1.2 (instead of the original TLSv1.0). Silex promptly responded to the request for support and has continued to support the solution. Today, Silex offers the BR-500AC, the latest enterprise Wi-Fi bridge supporting WPA3-Enterprise (128-bit mode) with TLSv1.2.
After the first deployment of Silex’s bridges to the field, it turned out that the power supply from the AC power adapter to the bridge was not suitable for everyday use. Since the SX-BR-4600WAN operates with a 5V power supply, Charité’s team decided to power the bridge from the USB ports of the medical devices. As a result, Charité achieved true mobility for their medical devices on mobile carts.
Untethering a medical devices from the Ethernet cable and power supply relieves nurses and doctors from carrying cables and locating LAN sockets and AC power outlets. Furthermore, LAN outlets are no longer ripped from the wall when the equipment is accidentally moved without being unplugged first.
The network security, WLAN connection reliability, and product lifecycle support from Silex all benefit Charité's IT team as they protect Charité's intellectual properties and patient privacy, and maintain secure, robust infrastructure. With this solution, Charité can provide reliable data communication among connected medical devices throughout the hospital network.
Download PDF version from Here.